Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 556161 (sslscan)
| Summary: | Review Request: sslscan - Security assessment tool for ssl | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Michal Ambroz <rebus> |
| Component: | Package Review | Assignee: | Tomas Mraz <tmraz> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 12 | CC: | fedora-package-review, mail, notting, rebus, timlank, tmraz |
| Target Milestone: | --- | Flags: | tmraz:
fedora-review+
gwync: fedora-cvs+ |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | sslscan-1.8.2-3.el4 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2010-04-12 13:49:23 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 563471 | ||
|
Description
Michal Ambroz
2010-01-16 21:20:52 UTC
Output from rpmlint sslscan-1.8.2-1.fc12.src.rpm sslscan-1.8.2-1.fc12.i686.rpm sslscan-debuginfo-1.8.2-1.fc12.i686.rpm: 3 packages and 0 specfiles checked; 0 errors, 0 warnings. Koji build tasks: i386 http://koji.fedoraproject.org/koji/taskinfo?taskID=1927371
Hi Michal,
just trying to be of help again....
I performed the following:
rpm -Uvh sslscan-1.8.2-1.fc12.src.rpm
rpmbuild -ba sslscan.spec
and received the following output:
# rpmbuild -ba sslscan.spec
Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.LGjuMI
+ umask 022
+ cd /root/rpmbuild/BUILD
+ LANG=C
+ export LANG
+ unset DISPLAY
+ cd /root/rpmbuild/BUILD
+ rm -rf sslscan-1.8.2
+ /usr/bin/gzip -dc /root/rpmbuild/SOURCES/sslscan-1.8.2.tgz
+ /bin/tar -xf -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd sslscan-1.8.2
+ /bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ echo 'Patch #0 (sslscan-makefile.patch):'
Patch #0 (sslscan-makefile.patch):
+ /bin/cat /root/rpmbuild/SOURCES/sslscan-makefile.patch
+ /usr/bin/patch -s -p1 -b --suffix .makefile --fuzz=0
+ echo 'Patch #1 (sslscan-patents.patch):'
Patch #1 (sslscan-patents.patch):
+ /bin/cat /root/rpmbuild/SOURCES/sslscan-patents.patch
+ /usr/bin/patch -s -p1 -b --suffix .patents --fuzz=0
1 out of 2 hunks FAILED -- saving rejects to file sslscan.c.rej
error: Bad exit status from /var/tmp/rpm-tmp.LGjuMI (%prep)
RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.LGjuMI (%prep)
Looking at the patch reject file......
# cat sslscan.c.rej
***************
*** 985,991 ****
fprintf(options->xmlOutput, " </pk>\n");
}
break;
case EVP_PKEY_EC:
printf(" EC Public Key:\n");
if (options->xmlOutput != 0)
fprintf(options->xmlOutput, " <pk error=\"false\" type=\"EC\">\n");
--- 985,993 ----
fprintf(options->xmlOutput, " </pk>\n");
}
break;
+ /* Comment out patented technology not enabled in Fedora */
+ /*
case EVP_PKEY_EC:
printf(" EC Public Key:\n");
if (options->xmlOutput != 0)
fprintf(options->xmlOutput, " <pk error=\"false\" type=\"EC\">\n");
Thanks,
Tim
Hello Tim, I have tried to build now on pristine machine, but I am not able to reproduce the issue you are talking about. Patch seems to be working just fine and it did pass even the koji build for fc13. http://koji.fedoraproject.org/koji/taskinfo?taskID=1927391 Please could you tell me what are your versions of the patch and diff you are using? Thank you Michal Ambroz Thats interesting and I don't know how to explain. I basically took the .spec file and the .src.rpm as listed in the review request, downloaded them to my minimal system, installed the source RPM and then performed the rpmbuild -ba on the source -- which tries to rebuild the source RPM and build the binary rpm. So the patch that was used was the one that was in the .src.rpm that is listed in the first entry in this review request. my particular system is using these versions of the patch and diff utilites... # rpm -qf /usr/bin/patch /usr/bin/diff patch-2.5.4-40.fc12.x86_64 diffutils-2.8.1-25.fc12.x86_64 Thanks, Tim My apologies. I was able to do yum update on another system all builds there as provided without issue. Also mock and koji builds this without any problem. Sorry for any confusion. Tim Nono - no appologies. There must be something wrong. Build failed once it will fail again. Question is why. I have got indeed different version of patch $ rpm -qf /usr/bin/patch /usr/bin/diff patch-2.6.1-1.fc12.i686 diffutils-2.8.1-25.fc12.i686 With patch 2.5.4 I was able to reproduce the issue. With the new version patch --fuzz=0 works fine, but with old version it complains about some fuzziness in the patch. Here is modified src.rpm with patch which works for both version of patch without complains. Spec URL: http://rebus.webz.cz/d/sslscan.spec SRPM URL: http://rebus.webz.cz/d/sslscan-1.8.2-2.fc12.src.rpm Thank you for noticing this Tim. Michal Ambroz The biggest problem is that the src.rpm does not build on current rawhide. There is missing -lcrypto during linking. There are also some warnings with the new openssl but they are not critical. I have noticed also these small problems in the spec: 1. Typo 'assesment' in summary 2. Missing changelog entry for the -2 release 3. The License is GPLv3+ with exceptions not GPLv3. Please also add a comment that the exception is there for allowing linking to OpenSSL. Hello Tomas, thank you for review and comments. Here should be fixed version. Spec URL: http://rebus.webz.cz/d/sslscan.spec SRPM URL: http://rebus.webz.cz/d/sslscan-1.8.2-3.fc12.src.rpm Unfortunately right now I am behind proxy so I cannot use the koji build system to test in the devel target. I have tested only on fc12. Best regards Michal Ambroz Hello - here are the koji builds: http://koji.fedoraproject.org/koji/taskinfo?taskID=2103701 http://koji.fedoraproject.org/koji/taskinfo?taskID=2103692 Best regards Michal Ambroz Rpmlint is silent: rpmlint -v sslscan-* sslscan-debuginfo.x86_64: I: checking sslscan.src: I: checking sslscan.x86_64: I: checking 3 packages and 0 specfiles checked; 0 errors, 0 warnings. I did not find anything would conflict with Fedora packaging guidelines and so the package is APPROVED. I will also sponsor you. New Package CVS Request ======================= Package Name: sslscan Short Description: Security assessment tool for SSL Owners: rebus Branches: F-11 F-12 F-13 EL-4 EL-5 devel InitialCC: Thank you Michal Ambroz CVS done (by process-cvs-requests.py). sslscan-1.8.2-3.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/sslscan-1.8.2-3.fc11 sslscan-1.8.2-3.el4 has been submitted as an update for Fedora EPEL 4. http://admin.fedoraproject.org/updates/sslscan-1.8.2-3.el4 sslscan-1.8.2-3.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/sslscan-1.8.2-3.fc12 sslscan-1.8.2-3.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/sslscan-1.8.2-3.fc13 sslscan-1.8.2-3.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/sslscan-1.8.2-3.el5 Package sslscan was successfully build and addedd to updates for F-11 F-12 and dist-F13 Closing the bug. Thank all reviewers for hints and all the help and especially to Tomas Mraz. Best regards Michal Ambroz sslscan-1.8.2-3.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. sslscan-1.8.2-3.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. sslscan-1.8.2-3.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. sslscan-1.8.2-3.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report. sslscan-1.8.2-3.el4 has been pushed to the Fedora EPEL 4 stable repository. If problems still persist, please make note of it in this bug report. Package Change Request ====================== Package Name: sslscan New Branches: epel7 Owners: rebus fab Hello SCM team, plase can you add epel7 branch for the sslscan package? Thank you Michal Ambroz Git done (by process-git-requests). |